[Last Call] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1287
  • Last Modified:

Encrypt login ID, password stored in cookie in Java and Decrypt the information in C#


I am working on a custom single sign on project. The main web site runs on BEA Weblogic. When an user logs into the site, the site is supposed to store login ID and password in a cookie. When the same user connects to another secure sub-site based on asp.net, the sub-site will do an automatic login for the user based on the stored cookie information. To increase security, I would like to encrypt the stored ID and password.

Can you recommend a good encryption/decryption routine that works across the two different platforms? I understand storing ID and password in a cookie is not really a secure solution, but I am trying make the login process as fast as I can.

1 Solution
I don't think you want a encrypt/decrypt type thing. It might be better to encrypt both together with md5() function and store the resulting hash in the cookie and database. MD5() takes some input, then encrypts it into a 32 char long hex number.
When user goes to other site, site pulls cookie, checks if the hash exists, if it does, log in automatically.
Ideally, you don't ever want to decrypt a password (or have passwords stored in a decryptable format). You encrypt a password provided and just compare hashes. If match - login successful.
MD5 doesn't produce dupes - so you always get back a unique hash for unique entries.
The MD5 alorithm is available in PHP and ASP - so I think it might work out fine.
lalala66Author Commented:
Normally, this would be the idea design. Unfortunately, the sub-site is based on a CRM application that I have no control over. My code needs to log into the system on behalf of the user.

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now